Initial backup: 18 monitoring scripts + timers + docs

- 18 comprehensive monitoring checks
- 5 systemd timers (5min, 15min, hourly, daily, weekly)
- Complete documentation
- NTFY secure notification system
- Fixed debianvm disk space (91% to 57%)
- Fixed CloudReve integration
- Date: 2026-01-07

scripts/check-ssl-certs.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+# Check SSL certificate expiry
+set -euo pipefail
+
+SEND_NTFY="/usr/local/bin/send-ntfy.sh"
+
+# Check PVE web interface cert
+if [ -f "/etc/pve/pve-root-ca.pem" ]; then
+    EXPIRY=$(openssl x509 -enddate -noout -in /etc/pve/pve-root-ca.pem 2>/dev/null | cut -d= -f2)
+    EXPIRY_EPOCH=$(date -d "$EXPIRY" +%s 2>/dev/null || echo "0")
+    NOW=$(date +%s)
+    DAYS_LEFT=$(( (EXPIRY_EPOCH - NOW) / 86400 ))
+    
+    if [ "$DAYS_LEFT" -lt 15 ]; then
+        $SEND_NTFY critical "SSL Certificate Expiring" "🔴 CRITICAL: PVE SSL certificate expires in $DAYS_LEFT days!" "skull,lock,warning"
+    elif [ "$DAYS_LEFT" -lt 30 ]; then
+        $SEND_NTFY warning "SSL Certificate Expiring Soon" "🟡 WARNING: PVE SSL certificate expires in $DAYS_LEFT days" "warning,lock"
+    fi
+    
+    logger -t ssl-monitor "PVE cert expires in $DAYS_LEFT days"
+fi